CVE

Id
35337  
CVE No.
CVE-2008-5220  
Status
Candidate  
Description
Unrestricted file upload vulnerability in admin/upload_form.php in wPortfolio 0.3 and earlier allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in admin/tmp/.  
Phase
Assigned (20081125)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
387262 35337 CVE-2008-5220 MILW0RM:7165  View
387263 35337 CVE-2008-5220 URL:http://www.milw0rm.com/exploits/7165  View
387264 35337 CVE-2008-5220 BID:32367  View
387265 35337 CVE-2008-5220 URL:http://www.securityfocus.com/bid/32367  View
387266 35337 CVE-2008-5220 VUPEN:ADV-2008-3219  View
387267 35337 CVE-2008-5220 URL:http://www.vupen.com/english/advisories/2008/3219  View
387268 35337 CVE-2008-5220 XF:wportfolio-uploadform-file-upload(46745)  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
45636 JVNDB-2008-000028 KENT WEB 製 WEB MART におけるクロスサイトスクリプティングの脆弱性 KENT WEB が提供する WEB MART には、クロスサイトスクリプティングの脆弱性が存在します。 CVE-2008-5224 35337 4.3 http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-000028.html  View